Opened 21 months ago
Closed 21 months ago
#34408 closed Bug (invalid)
Authorization in Custom Authentication Backend does not work — at Version 1
Reported by: | Vivek Kumar Singh | Owned by: | nobody |
---|---|---|---|
Component: | contrib.auth | Version: | 4.1 |
Severity: | Normal | Keywords: | authentication, authorization |
Cc: | Triage Stage: | Unreviewed | |
Has patch: | no | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | yes | UI/UX: | no |
Description (last modified by )
I was experimenting with has_perm
and user_can_authenticate
functions in my custom authentication backend when I found out these function aren't even executing during the Authentication process. I tries putting print statements but there was no output in the log screen. I also tried using example suggested in Django Documentation (https://docs.djangoproject.com/en/4.1/topics/auth/customizing/#handling-authorization-in-custom-backends) but it still didn't work.
Here is my code:
class EmailBackend(BaseBackend): def authenticate(self, request, username=None, password=None): try: user = User.objects.get(email=username) if user.check_password(password): return user return None except User.DoesNotExist: return None def get_user(self, user_id): try: return User.objects.get(pk=user_id) except User.DoesNotExist: return None def has_perm(self, user_obj, perm, obj=None): print("hello") return True
and logs
[12/Mar/2023 00:01:05] "GET /login HTTP/1.1" 200 861 [12/Mar/2023 00:01:16] "POST /login HTTP/1.1" 302 0 [12/Mar/2023 00:01:16] "GET / HTTP/1.1" 200 370
as you can see there was no output saying "hello".
please explain what is the use of has_perm and other authorization functions in django anyway.
Change History (1)
comment:1 by , 21 months ago
Description: | modified (diff) |
---|---|
Resolution: | → invalid |
Status: | new → closed |
This looks like a lack of understanding rather than a bug report. Please spend more time reading the code and documentation to understand how it works. After that, if you have a specific documentation enhancement proposal, feel free to offer it.